Headline
RHSA-2022:8799: Red Hat Security Advisory: pki-core security update
An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2414: pki-core: access to external entities when parsing XML can lead to XXE
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-12-06
Updated:
2022-12-06
RHSA-2022:8799 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: pki-core security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
- pki-core: access to external entities when parsing XML can lead to XXE (CVE-2022-2414)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2104676 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE
Red Hat Enterprise Linux Server 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
x86_64
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.x86_64.rpm
SHA-256: 6f0fd5b15791dfebf9be0e137427ae709008cdb06996ef50904278a11e7803fe
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a390eb290a52339214f459b1a0331f8ae2c9204121a1644ecd880376a479f7ed
pki-tools-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a01774b408e951fd99b5e4add4dfbc19192e392a346c224384747d32299542c7
Red Hat Enterprise Linux Workstation 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
x86_64
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.x86_64.rpm
SHA-256: 6f0fd5b15791dfebf9be0e137427ae709008cdb06996ef50904278a11e7803fe
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a390eb290a52339214f459b1a0331f8ae2c9204121a1644ecd880376a479f7ed
pki-tools-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a01774b408e951fd99b5e4add4dfbc19192e392a346c224384747d32299542c7
Red Hat Enterprise Linux Desktop 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
x86_64
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.x86_64.rpm
SHA-256: 6f0fd5b15791dfebf9be0e137427ae709008cdb06996ef50904278a11e7803fe
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a390eb290a52339214f459b1a0331f8ae2c9204121a1644ecd880376a479f7ed
pki-tools-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a01774b408e951fd99b5e4add4dfbc19192e392a346c224384747d32299542c7
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
s390x
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.s390x.rpm
SHA-256: 132cb3c1e9a65b51b43b8bc23116b7536292e77819d730fec27b0a1e2abf665a
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.s390x.rpm
SHA-256: 61eee3ca80de569fabc15f641203f209c7c9408ef55dc30f03ec7eb76c9df379
pki-tools-10.5.18-24.el7_9.s390x.rpm
SHA-256: 423d23420af823a06d4c49eee733e578d2e6c89228794ff252190c79b54de11f
Red Hat Enterprise Linux for Power, big endian 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
ppc64
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.ppc64.rpm
SHA-256: 41fc1450a11106fb4b6d43dd2a82243201ba05145aa5f5ccd622cf35064201d3
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.ppc64.rpm
SHA-256: 4cc379d3ce3e277f30b3c4e8d237a987dc917b84f01795aba2e55d795f2345de
pki-tools-10.5.18-24.el7_9.ppc64.rpm
SHA-256: 46675ee49609ab283326960007ffcf54b6aa9808c3638ce5d40d9bb0f446bfe4
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
x86_64
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.x86_64.rpm
SHA-256: 6f0fd5b15791dfebf9be0e137427ae709008cdb06996ef50904278a11e7803fe
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a390eb290a52339214f459b1a0331f8ae2c9204121a1644ecd880376a479f7ed
pki-tools-10.5.18-24.el7_9.x86_64.rpm
SHA-256: a01774b408e951fd99b5e4add4dfbc19192e392a346c224384747d32299542c7
Red Hat Enterprise Linux for Power, little endian 7
SRPM
pki-core-10.5.18-24.el7_9.src.rpm
SHA-256: 33e413fccacddf8edc1667d51400f9c1e69d4df9edf501c77101dd1acb332587
ppc64le
pki-base-10.5.18-24.el7_9.noarch.rpm
SHA-256: 4c87589507d4f114cee54ea2bed621a601971aace6e3ee6050abce39eafe18b6
pki-base-java-10.5.18-24.el7_9.noarch.rpm
SHA-256: e20cca310558b996956a777bdb6f9a3fd07af33eb56dcac45b3726fdd0e5720b
pki-ca-10.5.18-24.el7_9.noarch.rpm
SHA-256: 056302d601482db30b2e8bf71d5e8e11e63583f190c8ba8baff888fb30fb2dd7
pki-core-debuginfo-10.5.18-24.el7_9.ppc64le.rpm
SHA-256: b9bc9d1cfb244a597815481ce6b142dd3a82eb7f65fabbf49ece1bd575abf041
pki-core-debuginfo-10.5.18-24.el7_9.ppc64le.rpm
SHA-256: b9bc9d1cfb244a597815481ce6b142dd3a82eb7f65fabbf49ece1bd575abf041
pki-javadoc-10.5.18-24.el7_9.noarch.rpm
SHA-256: 9525cc73c4bb8e733a575a8aa6a90246eb2dd03807a987886d74411be1217611
pki-kra-10.5.18-24.el7_9.noarch.rpm
SHA-256: 0c7c812fb9bc4c66772fa661d8df595fa69611f68315806027b6b3b8dfc2c672
pki-server-10.5.18-24.el7_9.noarch.rpm
SHA-256: bc8c96207047fb65049189b0a290905b6e8fd4e17d55f009fc2f793bb1184bef
pki-symkey-10.5.18-24.el7_9.ppc64le.rpm
SHA-256: 0b269046628807a46fd665065902ec4f696cbfc77148cd84e6da921556eb8b1e
pki-tools-10.5.18-24.el7_9.ppc64le.rpm
SHA-256: 023ffe9527f0d1da2d5f5e63fe10aefca506844463ab32f0c48b676ff675c356
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2393: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able t...
Red Hat Security Advisory 2023-1747-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2414: A flaw was found in pki-core. Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to pot...
There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414.
Red Hat Security Advisory 2022-8915-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
An update is now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2414: pki-core: access to external entities when parsing XML can lead to XXE
Red Hat Security Advisory 2022-8799-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2414: pki-core: access to external entities when parsing XML can lead to XXE
Red Hat Security Advisory 2022-7326-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
An update for pki-core is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2414: pki-core: access to external entities when parsing XML can lead to XXE
Attackers could ‘take full control of the infrastructure’, warn researchers
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.